search

kienmarkdo / Telegram-OSINT-for-Cyber-Threat-Intelligence-Analysis

An OSINT tool tailored for comprehensive collection, analysis, and interpretation of cyber threat intelligence from Telegram channels and groups.
1 stars 0 forks source link
elasticsearch kibana osint-tool telegram telegram-osint telegram-scraper threat-intelligence

readme

Welcome!

To view more information about the project, visit the Wiki!

Quick Setup

Recommended: Visit the Wiki's Set Up Development Environment page for detailed setup instructions.

Installations

Telegram Installation / API Setup

[!NOTE] It is recommended that you use a burner phone number, a burner email address, and a VM to install Telegram Desktop. For more Telegram setup and OPSEC instructions, view the Wiki.

Environment Setup

Create a configs.py file. Paste and modify the code below accordingly.

"""
Replace mandatory None values with your info. Ensure correct data types, as specified.
For optional values, replace them with your info as needed. Otherwise, keep values as None.

Configurations:
- Basic configurations           (REQUIRED)
- Collection configurations      (OPTIONAL)
- Elasticsearch configurations   (OPTIONAL)

The file example_configs.py has been created as a guide template.
"""

########################
# Basic configurations #
########################
PHONE_NUMBER: str = None               # (mandatory) (i.e. +12223334444)
API_HASH: str = None                   # (mandatory)
API_ID: int = None                     # (mandatory)

#############################
# Collection configurations #
#############################

# Proxy configuration
PROXIES: list[dict] = None             # (mandatory) default None for no proxy
# Add a each proxy object to the list. Below is an example template for two proxies.
# PROXIES: list[dict] = [
#     {
#         'proxy_type': 'socks5',        # (mandatory) protocol to use (i.e.: socks5)
#         'addr': '',                    # (mandatory) proxy IP address (i.e.: 123.123.123.123)
#         'port': 1080,                  # (mandatory) proxy port number (i.e.: 1080)
#         'username': '',                # (optional) username if the proxy requires auth
#         'password': '',                # (optional) password if the proxy requires auth
#         'rdns': True                   # (optional) whether to use remote or local resolve, default remote
#     },
#     {
#         'proxy_type': '',              # (mandatory) protocol to use (see above)
#         'addr': '',                    # (mandatory) proxy IP address
#         'port': 1080,                  # (mandatory) proxy port number
#         'username': '',                # (optional) username if the proxy requires auth
#         'password': '',                # (optional) password if the proxy requires auth
#         'rdns': True                   # (optional) whether to use remote or local resolve, default remote
#     },
# ]  # uncomment to add proxies

##########################
# Elastic configurations #
##########################
es_username: str = None                # (required) default None
es_password: str = None                # (required) default None
es_ca_cert_path: str = None            # (required) path to 'http_ca.crt' file stored in elasticsearch-<VERSION>/config/certs/http_ca.crt